Search This Blog
Powered by Blogger.

Blog Archive

Labels

About Me

Load More
Trendy Right Now

Popular Posts

Showing posts with label Gmail. Show all posts
SVR
APT29 CyberCrime Cybersecurity CyberThreat Email Hacking Gmail Google GTIG MFA Password Privacy SVR

Russian Threat Actors Circumvent Gmail Security with App Password Theft


 

As part of Google's Threat Intelligence Group (GTIG), security researchers discovered a highly sophisticated cyber-espionage campaign orchestrated by Russian threat actors. They succeeded in circumventing Google's multi-factor authentication (MFA) protections for Gmail accounts by successfully circumventing it. 

A group of researchers found that the attackers used highly targeted and convincing social engineering tactics by impersonating Department of State officials in order to establish trust with their victims in the process. As soon as a rapport had been built, the perpetrators manipulated their victims into creating app-specific passwords. 

These passwords are unique 16-character codes created by Google which enable secure access to certain applications and devices when two-factor authentication is enabled. As a result of using these app passwords, which bypass conventional two-factor authentication, the attackers were able to gain persistent access to sensitive emails through Gmail accounts undetected. 

It is clear from this operation that state-sponsored cyber actors are becoming increasingly inventive, and there is also a persistent risk posed by seemingly secure mechanisms for recovering and accessing accounts. According to Google, this activity was carried out by a threat cluster designated UNC6293, which is closely related to the Russian hacking group known as APT29. It is believed that UNC6293 has been closely linked to APT29, a state-sponsored hacker collective. 

APT29 has garnered attention as one of the most sophisticated and sophisticated Advanced Persistent Threat (APT) groups sponsored by the Russian government, and according to intelligence analysts, that group is an extension of the Russian Foreign Intelligence Service (SVR). It is important to note that over the past decade this clandestine collective has orchestrated a number of high-profile cyber-espionage campaigns targeting strategic entities like the U.S. government, NATO member organizations, and prominent research institutes all over the world, including the U.S. government, NATO, and a wide range of academic institutions. 

APT29's operators have a reputation for carrying out prolonged infiltration operations that can remain undetected for extended periods of time, characterised by their focus on stealth and persistence. The tradecraft of their hackers is consistently based on refined social engineering techniques that enable them to blend into legitimate communications and exploit the trust of their intended targets through their tradecraft. 

By crafting highly convincing narratives and gradually manipulating individuals into compromising security controls in a step-by-step manner, APT29 has demonstrated that it has the ability to bypass even highly sophisticated technical defence systems. This combination of patience, technical expertise, and psychological manipulation has earned the group a reputation as one of the most formidable cyber-espionage threats associated with Russian state interests. 

A multitude of names are used by this prolific group in the cybersecurity community, including BlueBravo, Cloaked Ursa, Cosy Bear, CozyLarch, ICECAP, Midnight Blizzard, and The Dukes. In contrast to conventional phishing campaigns, which are based on a sense of urgency or intimidation designed to elicit a quick response, this campaign unfolded in a methodical manner over several weeks. 

There was a deliberate approach by the attackers, slowly creating a sense of trust and familiarity with their intended targets. To make their deception more convincing, they distributed phishing emails, which appeared to be official meeting invitations that they crafted. Often, these messages were carefully constructed to appear authentic and often included the “@state.gov” domain as the CC field for at least four fabricated email addresses. 

The aim of this tactic was to create a sense of legitimacy around the communication and reduce the likelihood that the recipients would scrutinise it, which in turn increased the chances of the communication being exploited effectively. It has been confirmed that the British writer, Keir Giles, a senior consulting fellow at Chatham House, a renowned global affairs think tank, was a victim of this sophisticated campaign. 

A report indicates Giles was involved in a lengthy email correspondence with a person who claimed to be Claudia S Weber, who represented the U.S. Department of State, according to reports. More than ten carefully crafted messages were sent over several weeks, deliberately timed to coincide with Washington's standard business hours. Over time, the attacker gradually gained credibility and trust among the people who sent the messages. 

It is worth noting that the emails were sent from legitimate addresses, which were configured so that no delivery errors would occur, which further strengthened the ruse. When this trust was firmly established, the adversary escalated the scheme by sending a six-page PDF document with a cover letter resembling an official State Department letterhead that appeared to be an official State Department document. 

As a result of the instructions provided in the document, the target was instructed to access Google's account settings page, to create a 16-character app-specific password labelled "ms.state.gov, and to return the code via email under the guise of completing secure onboarding. As a result of the app password, the threat actors ended up gaining sustained access to the victim's Gmail account, bypassing multi-factor authentication altogether as they were able to access their accounts regularly. 

As the Citizen Lab experts were reviewing the emails and PDF at Giles' request, they noted that the emails and PDF were free from subtle language inconsistencies and grammatical errors that are often associated with fraudulent communications. In fact, based on the precision of the language, researchers have suspected that advanced generative AI tools have been deployed to craft polished, credible content for the purpose of evading scrutiny and enhancing the overall effectiveness of the deception as well. 

There was a well-planned, incremental strategy behind the attack campaign that was specifically geared towards increasing the likelihood that the targeted targets would cooperate willingly. As one documented instance illustrates, the threat actor tried to entice a leading academic expert to participate in a private online discussion under the pretext of joining a secure State Department forum to obtain his consent.

In order to enable guest access to Google's platform, the victim was instructed to create an app-specific password using Google's account settings. In fact, the attacker used this credential to gain access to the victim's Gmail account with complete control over all multi-factor authentication procedures, enabling them to effectively circumvent all of the measures in place. 

According to security researchers, the phishing outreach was carefully crafted to look like a routine, legitimate onboarding process, thus making it more convincing. In addition to the widespread trust that many Americans place in official communications issued by U.S. government institutions, the attackers exploited the general lack of awareness of the dangers of app-specific passwords, as well as their widespread reliance on official communications. 

A narrative of official protocol, woven together with professional-sounding language, was a powerful way of making the perpetrators more credible and decreasing the possibility of the target questioning their authenticity in their request. According to cybersecurity experts, several individuals who are at higher risk from this campaign - journalists, policymakers, academics, and researchers - should enrol in Google's Advanced Protection Program (APP). 

A major component of this initiative is the restriction of access to only verified applications and devices, which offers enhanced safeguards. The experts also advise organisations that whenever possible, they should disable the use of app-specific passwords and set up robust internal policies that require any unusual or sensitive requests to be verified, especially those originating from reputable institutions or government entities, as well as implement robust internal policies requiring these types of requests. 

The intensification of training for personnel most vulnerable to these prolonged social engineering attacks, coupled with the implementation of clear, secure channels for communication between the organisation and its staff, would help prevent the occurrence of similar breaches in the future. As a result of this incident, it serves as an excellent reminder that even mature security ecosystems remain vulnerable to a determined adversary combining psychological manipulation with technical subterfuge when attempting to harm them. 

With threat actors continually refining their methods, organisations and individuals must recognise that robust cybersecurity is much more than merely a set of tools or policies. In order to combat cyberattacks as effectively as possible, it is essential to cultivate a culture of vigilance, scepticism, and continuous education. In particular, professionals who routinely take part in sensitive research, diplomatic relations, or public relations should assume they are high-value targets and adopt a proactive defence posture. 

Consequently, any unsolicited instructions must be verified by a separate, trusted channel, hardware security keys should be used to supplement authentication, and account settings should be reviewed regularly for unauthorised changes. For their part, institutions should ensure that security protocols are both accessible and clearly communicated as they are technically sound by investing in advanced threat intelligence, simulating sophisticated phishing scenarios, and investing in advanced threat intelligence. 

Fundamentally, resilience against state-sponsored cyber-espionage is determined by the ability to plan in advance not only how adversaries are going to deploy their tactics, but also the trust they will exploit in order to reach their goals.
Read more »
WebSockets
Blockchain codebase Credentials Crypto Cybersecurity dataexfiltration dependency devtools Firewall Gmail Hacking malware phishing PyPI python scripts SMTP Spoofing Threatactors WebSockets

Malicious PyPI Packages Exploit Gmail to Steal Sensitive Data

 

Cybersecurity researchers have uncovered a disturbing new tactic involving malicious PyPI packages that use Gmail to exfiltrate stolen data and communicate with threat actors. The discovery, made by security firm Socket, led to the removal of the infected packages from the Python Package Index (PyPI), although not before considerable damage had already occurred.

Socket reported identifying seven malicious packages on PyPI, some of which had been listed for more than four years. Collectively, these packages had been downloaded over 55,000 times. Most were spoofed versions of the legitimate "Coffin" package, with deceptive names such as Coffin-Codes-Pro, Coffin-Codes, NET2, Coffin-Codes-NET, Coffin-Codes-2022, Coffin2022, and Coffin-Grave. Another package was titled cfc-bsb.

According to the researchers, once installed, these packages would connect to Gmail using hardcoded credentials and initiate communication with a command-and-control (C2) server. They would then establish a WebSockets tunnel that leverages Gmail’s email server, allowing the traffic to bypass traditional firewalls and security systems.

This setup enabled attackers to remotely execute code, extract files, and gain unauthorized access to targeted systems.

Evidence suggests that the attackers were mainly targeting cryptocurrency assets. One of the email addresses used by the malware featured terms like “blockchain” and “bitcoin” — an indication of its intent.

“Coffin-Codes-Pro establishes a connection to Gmail’s SMTP server using hardcoded credentials, namely sphacoffin@gmail[.]com and a password,” the report says.
“It then sends a message to a second email address, blockchain[.]bitcoins2020@gmail[.]com politely and demurely signaling that the implant is working.”

Socket has issued a warning to all Python developers and users who may have installed these packages, advising them to remove the compromised libraries immediately, and rotate all sensitive credentials.

The researchers further advised developers to remain alert for suspicious outbound connections:

“especially SMTP traffic”, and warned them not to trust a package just because it was a few years old.
“To protect your codebase, always verify package authenticity by checking download counts, publisher history, and GitHub repository links,” they added.

“Regular dependency audits help catch unexpected or malicious packages early. Keep strict access controls on private keys, carefully limiting who can view or import them in development. Use isolated, dedicated environments when testing third-party scripts to contain potentially harmful code.”
Read more »
storage
Avast Email Scams Gmail malware Spam storage

Don’t Delete Spam Emails Too Quickly — Here’s Why


 

Most of us delete spam emails as soon as they land in our inbox. They’re irritating, unwanted, and often contain suspicious content. But what many people don’t know is that keeping them, at least briefly can actually help improve your email security in the long run.


How Spam Helps Train Your Email Filter

Email services like Gmail, Outlook, and others have systems that learn to detect unwanted emails over time. But for these systems to improve, they need to be shown which emails are spam. That’s why it’s better to mark suspicious messages as spam instead of just deleting them.

If you’re using a desktop email app like Outlook or Thunderbird, flagging such emails as “junk” helps the program recognize future threats better. If you're reading emails through a browser, you can select the unwanted message and use the “Spam” or “Move to Junk” option to send it to the right folder.

Doing this regularly not only protects your own inbox but can also help your co-workers if you’re using a shared office mail system. The more spam messages you report, the faster the system learns to block similar ones.


No Need to Worry About Storage

Spam folders usually empty themselves after 30 days. So you don’t have to worry about them piling up unless you want to manually clear them every month.


Never Click 'Unsubscribe' on Random Emails

Some emails, especially promotional ones, come with an unsubscribe button. While this can work with genuine newsletters, using it on spam emails is risky. Clicking “unsubscribe” tells scammers that your email address is real and active. This can lead to more dangerous emails or even malware attacks.


How to Stay Safe from Email Scams

1. Be alert. If something feels off, don’t open it.

2. Avoid acting quickly. Scammers often try to pressure you.

3. Don’t click on unknown links. Instead, visit websites directly.

4. Never open files from unknown sources. They can hide harmful programs.

5. Use security tools. Good antivirus software can detect harmful links and block spam automatically.


Helpful Software You Can Use

Programs like Bitdefender offer full protection from online threats. They can block viruses, dangerous attachments, and suspicious websites. Bitdefender also includes a chatbot where you can send messages to check if they’re scams. Another option is Avast One, which keeps your devices safe from fake websites and spam, even on your phone. Both are easy to use and budget-friendly.

While it may seem odd, keeping spam emails for a short time and using them to train your inbox filter can actually make your online experience safer. Just remember — never click links or download files from unknown senders. Taking small steps can protect you from big problems.

Read more »
WhatsApp
AI tools Gmail Google Privacy WhatsApp

Gmail Users Face a New Dilemma Between AI Features and Data Privacy

 



Google’s Gmail is now offering two new upgrades, but here’s the catch— they don’t work well together. This means Gmail’s billions of users are being asked to pick a side: better privacy or smarter features. And this decision could affect how their emails are handled in the future.

Let’s break it down. One upgrade focuses on stronger protection of your emails, which works like advanced encryption. This keeps your emails private, even Google won’t be able to read them. The second upgrade brings in artificial intelligence tools to improve how you search and use Gmail, promising quicker, more helpful results.

But there’s a problem. If your emails are fully protected, Gmail’s AI tools can’t read them to include in its search results. So, if you choose privacy, you might lose out on the benefits of smarter searches. On the other hand, if you want AI help, you’ll need to let Google access more of your email content.

This challenge isn’t unique to Gmail. Many tech companies are trying to combine stronger security with AI-powered features, but the two don’t always work together. Apple tried solving this with a system that processes data securely on your device. However, delays in rolling out their new AI tools have made their solution uncertain for now.

Some reports explain the choice like this: if you turn on AI features, Google will use your data to power smart tools. If you turn it off, you’ll have better privacy, but lose some useful options. The real issue is that opting out isn’t always easy. Some settings may remain active unless you manually turn them off, and fully securing your emails still isn’t simple.

Even when extra security is enabled, email systems have limitations. For example, Apple’s iCloud Mail doesn’t use full end-to-end encryption because it must work with global email networks. So even private emails may not be completely safe.

This issue goes beyond Gmail. Other platforms are facing similar challenges. WhatsApp, for example, added a privacy mode that blocks saving chats and media, but also limits AI-related features. OpenAI’s ChatGPT can now remember what you told it in past conversations, which may feel helpful but also raises questions about how your personal data is being stored.

In the end, users need to think carefully. AI tools can make email more useful, but they come with trade-offs. Email has never been a perfectly secure space, and with smarter AI, new threats like scams and data misuse may grow. That’s why it’s important to weigh both sides before making a choice.



Read more »
Workspace
Beta Enterprise Compliance CSE Cybersecurity Encryption Gmail Privacy S/MIME Security Workspace

Google Rolls Out Simplified End-to-End Encryption for Gmail Enterprise Users

 

Google has begun the phased rollout of a new end-to-end encryption (E2EE) system for Gmail enterprise users, simplifying the process of sending encrypted emails across different platforms.

While businesses could previously adopt the S/MIME (Secure/Multipurpose Internet Mail Extensions) protocol for encrypted communication, it involved a resource-intensive setup — including issuing and managing certificates for all users and exchanging them before messages could be sent.

With the introduction of Gmail’s enhanced E2EE model, Google says users can now send encrypted emails to anyone, regardless of their email service, without needing to handle complex certificate configurations.

"This capability, requiring minimal efforts for both IT teams and end users, abstracts away the traditional IT complexity and substandard user experiences of existing solutions, while preserving enhanced data sovereignty, privacy, and security controls," Google said today.

The rollout starts in beta with support for encrypted messages sent within the same organization. In the coming weeks, users will be able to send encrypted emails to any Gmail inbox — and eventually to any email address, Google added.

"We're rolling this out in a phased approach, starting today, in beta, with the ability to send E2EE emails to Gmail users in your own organization. In the coming weeks, users will be able to send E2EE emails to any Gmail inbox, and, later this year, to any email inbox."

To compose an encrypted message, users can simply toggle the “Additional encryption” option while drafting their email. If the recipient is a Gmail user with either an enterprise or personal account, the message will decrypt automatically.

For users on the Gmail mobile app or non-Gmail email services, a secure link will redirect them to view the encrypted message in a restricted version of Gmail. These recipients can log in using a guest Google Workspace account to read and respond securely.

If the recipient already has S/MIME enabled, Gmail will continue to use that protocol automatically for encryption — just as it does today.

The new encryption capability is powered by Gmail's client-side encryption (CSE), a Workspace control that allows organizations to manage their own encryption keys outside of Google’s infrastructure. This ensures sensitive messages and attachments are encrypted locally on the client device before being sent to the cloud.

The approach supports compliance with various regulatory frameworks, including data sovereignty, HIPAA, and export control policies, by ensuring that encrypted content is inaccessible to both Google and any external entities.

Gmail’s CSE feature has been available to Google Workspace Enterprise Plus, Education Plus, and Education Standard customers since February 2023. It was initially introduced in beta for Gmail on the web in December 2022, following earlier launches across Google Drive, Docs, Sheets, Slides, Meet, and Calendar.
Read more »
Technology
Cyberhackers Cybersecurity CyberThreat Gmail Google Google Drive Google Meet Technology

Gmail Upgrade Announced by Google with Three Billion Users Affected

 


The Google team has officially announced the launch of a major update to Gmail, which will enhance functionality, improve the user experience, and strengthen security. It is anticipated that this update to one of the world’s most commonly used email platforms will have a significant impact on both individuals as well as businesses, providing a more seamless, efficient, and secure way to manage digital communications for individuals and businesses alike.

The Gmail email service, which was founded in 2004 and has consistently revolutionized the email industry with its extensive storage, advanced features, and intuitive interface, has continuously revolutionized the email industry. In recent years, it has grown its capabilities by integrating with Google Drive, Google Chat, and Google Meet, thus strengthening its position within the larger Google Workspace ecosystem by extending its capabilities. 

The recent advancements from Google reflect the company’s commitment to innovation and leadership in the digital communication technology sector, particularly as the competitive pressures intensify in the email and productivity services sector. Privacy remains a crucial concern as the digital world continues to evolve. Google has stressed the company’s commitment to safeguarding user data, and is ensuring that user privacy remains of the utmost importance. 

In a statement released by the company, it was stated that the new tool could be managed through personalization settings, so users would be able to customize their experience according to their preferences, allowing them to tailor their experience accordingly. 

However, industry experts suggest that users check their settings carefully to ensure their data is handled in a manner that aligns with their privacy expectations, despite these assurances. Those who are seeking to gain a greater sense of control over their personal information may find it prudent to disable AI training features. In particular, this measured approach is indicative of broader discussions regarding the trade-off between advanced functionality and data privacy, especially as the competition from Microsoft and other major technology companies continues to gain ground. 

Increasingly, AI-powered services are analyzing user data and this has raised concerns about privacy and data security, which has led to a rise in privacy concerns. Chrome search histories, for example, offer highly personal insights into a person’s search patterns, as well as how those searches are phrased. As long as users grant permission to use historical data, the integration of AI will allow the company to utilize this historical data to create a better user experience.

It is also important to remember, however, that this technology is not simply a tool for executive assistants, but rather an extremely sophisticated platform that is operated by one of the largest digital marketing companies in the world. In the same vein, Microsoft's recent approach to integrating artificial intelligence with its services has created a controversy about user consent and data access, leading users to exercise caution and remain vigilant.

According to PC World, Copilot AI, the company's software for analyzing files stored on OneDrive, now has an automatic opt-in option. Users may not have been aware that this feature, introduced a few months ago, allowed them to consent to its use before the change. It has been assured that users will have full Although users have over their data they have AI-driven access to cloud-stored files, the transparency of such integrations is s being questioned as well as the extent of their data. There remain many concerns among businesses that are still being questioned. Businesses remain concerned aboutness, specifically about privacy issues.

The results of Global Data (cited by Verdict) indicate that more than 75% of organizations are concerned about these risks, contributing to a slowdown in the adoption of artificial intelligence. A study also indicates that 59% of organizations lack confidence in integrating artificial intelligence into their operations, with only 21% reporting an extensive or very extensive deployment of artificial intelligence. 

In the same way that individual users struggle to keep up with the rapid evolution of artificial intelligence technologies, businesses are often unaware of the security and privacy threats that these innovations pose. As a consequence, industry experts advise organizations to prioritize governance and control mechanisms before adopting AI-based solutions to maintain control over their data. CISOs (chief information security officers) might need to adopt a more cautious approach to mitigate potential risks, such as restricting AI adoption until comprehensive safeguards have been implemented. 

The introduction of AI-powered innovations is often presented as seamless and efficient tools, but they are supported by extensive frameworks for collecting and analyzing data. For these systems to work effectively, they must have well-defined policies in place that protect sensitive data from being exposed or misused. As AI adoption continues to grow, the importance of stringent regulation and corporate oversight will only increase. 

To improve the usability, security and efficiency of Gmail, as well as make it easier for both individuals and businesses, Google's latest update has been introduced to the Gmail platform. There are several features included in this update, including AI-driven features, improved interfaces, and improved search capabilities, which will streamline email management and strengthen security against cybersecurity threats. 

By integrating Google Workspace deeper, businesses will benefit from improved security measures that safeguard sensitive information while enabling teams to work more efficiently and effectively. This will allow businesses to collaborate more seamlessly while reducing cybersecurity risks. The improvements added by Google to Gmail allow it to be a critical tool within corporate environments, enhancing productivity, communication, and teamwork. With this update, Google confirms Gmail's reputation as a leading email and productivity tool. 

In addition to optimizing the user experience, integrating intelligent automation, strengthening security protocols, and expanding collaborative features, the platform maintains its position as a leading digital communication platform. During the rollout over the coming months, users can expect a more robust and secure email environment that keeps pace with the changing demands of today's digital interactions as the rollout progresses.
Read more »
Spam
Cyber Security Emails Gmail Outlook Spam

Why You Shouldn’t Delete Spam Emails Right Away

 



Unwanted emails, commonly known as spam, fill up inboxes daily. Many people delete them without a second thought, assuming it’s the best way to get rid of them. However, cybersecurity experts advise against this. Instead of deleting spam messages immediately, marking them as junk can improve your email provider’s ability to filter them out in the future.  


The Importance of Marking Emails as Spam  

Most email services, such as Gmail, Outlook, and Yahoo, use automatic spam filters to separate important emails from unwanted ones. These filters rely on user feedback to improve their accuracy. If you simply delete spam emails without marking them as junk, the system does not learn from them and may not filter similar messages in the future.  

Here’s how you can help improve your email’s spam filter:  

• If you use an email app (like Outlook or Thunderbird): Manually mark unwanted messages as spam if they appear in your inbox. This teaches the software to recognize similar messages and block them.  

• If you check your email in a web browser: If a spam message ends up in your inbox instead of the spam folder, select it and move it to the junk folder. This helps train the system to detect similar threats.  

By following these steps, you not only reduce spam in your inbox but also contribute to improving the filtering system for other users.  


Why You Should Never Click "Unsubscribe" on Suspicious Emails  

Many spam emails include an option to "unsubscribe," which might seem like an easy way to stop receiving them. However, clicking this button can be risky.  

Cybercriminals send millions of emails to random addresses, hoping to find active users. When you click "unsubscribe," you confirm that your email address is valid and actively monitored. Instead of stopping, spammers may send you even more unwanted emails. In some cases, clicking the link can also direct you to malicious websites or even install harmful software on your device.  

To stay safe, avoid clicking "unsubscribe" on emails from unknown sources. Instead, mark them as spam and move them to the junk folder.  


Simple Ways to Protect Yourself from Spam  

Spam emails are not just a nuisance; they can also be dangerous. Some contain links to fake websites, tricking people into revealing personal information. Others may carry harmful attachments that install malware on your device. To protect yourself, follow these simple steps:  

1. Stay Alert: If an email seems suspicious or asks for personal information, be cautious. Legitimate companies do not ask for sensitive details through email.  

2. Avoid Acting in a Hurry: Scammers often create a sense of urgency, pressuring you to act quickly. If an email claims you must take immediate action, think twice before responding.  

3. Do Not Click on Unknown Links: If an email contains a link, avoid clicking it. Instead, visit the official website by typing the web address into your browser.  

4. Avoid Opening Attachments from Unknown Senders: Malware can be hidden in email attachments, including PDFs, Word documents, and ZIP files. Open attachments only if you trust the sender.  

5. Use Security Software: Install antivirus and anti-spam software to help detect and block harmful emails before they reach your inbox.  


Spam emails may seem harmless, but how you handle them can affect your online security. Instead of deleting them right away, marking them as spam helps email providers refine their filters and block similar messages in the future. Additionally, never click "unsubscribe" in suspicious emails, as it can lead to more spam or even security threats. By following simple email safety habits, you can reduce risks and keep your inbox secure.

Read more »
QR code security
2FA Cyber Security cybercriminals Gmail Google Google Security Tools QR code QR code security

Google to Introduce QR Codes for Gmail 2FA Amid Rising Security Concerns

 

Google is set to introduce QR codes as a replacement for SMS-based two-factor authentication (2FA) codes for Gmail users in the coming months. While this security update aims to improve authentication methods, it also raises concerns, as QR code-related scams have been increasing. Even Google’s own threat intelligence team and law enforcement agencies have warned about the risks associated with malicious QR codes. QR codes, short for Quick Response codes, were originally developed in 1994 for the Japanese automotive industry. Unlike traditional barcodes, QR codes store data in both horizontal and vertical directions, allowing them to hold more information. 

A QR code consists of several components, including finder patterns in three corners that help scanners properly align the code. The black and white squares encode data in binary format, while error correction codes ensure scanning remains possible even if part of the code is damaged. When scanned, the embedded data—often a URL—is extracted and displayed to the user. However, the ability to store and quickly access URLs makes QR codes an attractive tool for cybercriminals. Research from Cisco Talos in November 2024 found that 60% of emails containing QR codes were spam, and many included phishing links. While some emails use QR codes for legitimate purposes, such as event registrations, others trick users into revealing sensitive information. 

According to Cisco Talos researcher Jaeson Schultz, phishing attacks often use QR codes for fraudulent multi-factor authentication requests to steal login credentials. There have been multiple incidents of QR code scams in recent months. In one case, a 70-year-old woman scanned a QR code at a parking meter, believing she was paying for parking, but instead, she unknowingly subscribed to a premium gaming service. Another attack involved scammers distributing printed QR codes disguised as official government severe weather alerts, tricking users into downloading malicious software. Google itself has warned that Russian cybercriminals have exploited QR codes to target victims through the Signal app’s linked devices feature. 

Despite these risks, users can protect themselves by following basic security practices. It is essential to verify where a QR code link leads before clicking. A legitimate QR code should provide additional context, such as a recognizable company name or instructions. Physical QR codes should be checked for tampering, as attackers often place fraudulent stickers over legitimate ones. Users should also avoid downloading apps directly from QR codes and instead use official app stores. 

Additionally, QR-based payment requests in emails should be verified through a company’s official website or customer service. By exercising caution, users can mitigate the risks associated with QR codes while benefiting from their convenience.
Read more »
Yahoo
Astaroth Phishing Authentication Cyber Attacks CyberCrime Cybersecurity CyberThreat Dark Web Gmail PHaas Telegram URL Yahoo

2FA Under Attack as Astaroth Phishing Kit Spreads

 


Astaroth is the latest phishing tool discovered by cybercriminals. It has advanced capabilities that allow it to circumvent security measures such as two-factor authentication (2FA) when used against it. In January 2025, Astaroth made its public debut across multiple platforms, including Gmail, Yahoo, and Office 365, with sophisticated technologies such as session hijacking and real-time credentials interceptions, which compromise user accounts across multiple platforms. 

SlashNext researchers claim Astaroth makes use of a reverse proxy called an evilginx-style proxy to place itself between legitimate login pages and users. As a result, the tool is capable of intercepting and capturing sensitive credentials, such as usernames, passwords, 2FA tokens, and session cookies, without triggering security alerts, thereby making the tool effective. 

It has been demonstrated that attackers who have obtained these session cookies will be able to hijack authenticated sessions, bypass additional security protocols, and gain unauthorized access to user accounts once they have acquired these cookies. Astaroth demonstrates the evolution of cyber threats and the sophistication of phishing techniques that compromise online security. This development highlights how cybercriminals have been evolving their methods of phishing over the years.

Clearly, Astaroth highlights how cybercriminals' tactics have evolved over the last decade, as phishing has evolved into a lucrative business. The sophistication of sophisticated attacks has now reached a point where it is now marketed like commercial software products, with regular updates, customer support, and testing guarantees attached to them. 

The attacker can intercept real-time credentials and use reverse proxy techniques in order to hijack authenticated sessions in order to bypass even the most robust phishing defences, such as Multi Factor Authentication (MFA), which are designed to protect against phishing attacks. Due to the widespread availability of phishing kits such as Astaroth, which significantly reduces the barrier to entry, less experienced cybercriminals are now capable of conducting highly effective attacks given that the barriers to entry have been significantly lowered. 

The key to mitigating these threats is to adopt a comprehensive, multilayered security strategy that is both comprehensive and multifaceted. It must have a password manager, endpoint security controls, real-time threat monitoring, and ongoing employee training to ensure that employees are aware of cybersecurity threats in real time. 

As an additional consideration, implementing Privillege Access Management (PAM) is equally vital, since it prevents unauthorized access to critical systems, even if login credentials are compromised, through the use of PAM. Business owners remain vulnerable to increasingly sophisticated phishing techniques that can circumvent the traditional defenses of their organisations without appropriate proactive security measures. 

The Astaroth phishing kit has been developed to enable a more effective method of bypassing multi-factor authentication (MFA). By using an evilginx reverse proxy, it intercepts authentication processes in real time as they are happening. By using Astaroth, attackers will be able to steal authenticated sessions and hack them seamlessly with no technical knowledge. Astaroth is different from traditional phishing tools, which capture only static credentials; instead, it dynamically retrieves authorization tokens, 2FA tokens, and session cookies. This tool is a man-in-the-middle attack that renders conventional anti-phishing defenses and multi-factor authentication protections ineffective by acting as an intermediary. 

Discovered by SlashNext Threat Researchers on cybercrime marketplaces, Astaroth is marketed as a tool that can be used easily. It is a 2-in-1 solution that sells for $2000 and includes six months of continuous updates, which includes the newest bypass techniques, as well as pre-purchase testing to demonstrate its effectiveness in real-world attacks if the buyer wants to establish credibility within cybercriminal networks. There is no doubt that the sophistication of phishing kits such as Astaroth, as well as the implementation of behaviour-based authentication, endpoint security controls, and continuous threat monitoring, are critical to organizations in order to defend themselves from these ever-evolving cyber threats that are continually evolving. 

As a means of expanding the company's customer base, Astaroth's developers have publicly revealed the methodologies they use to bypass security measures, such as reCAPTCHA or BotGuard, as a way of demonstrating the kit's effectiveness at circumventing automatic security measures. Cybercriminals in cybercrime forums and underground marketplaces are actively promoting Astaroth among their communities and are primarily distributing it through Telegram, leading to its widespread adoption among cybercriminals world-wide. 

There are several advantages to using these platforms, the most important of which is their accessibility, along with the anonymity they provide. This makes monitoring, tracking, and disrupting the sale and distribution of phishing kits very challenging for law enforcement agencies. There is a particular application known as Telegram which is commonly used by cybercriminals to communicate and to distribute their illicit activities due to its end-to-end encryption, private groups, and minimal oversight. This makes it very difficult for law enforcement to trace illicit activities on Telegram. 

It may not only facilitate the proliferation of Astaroth on the dark web, but also on underground marketplaces - both of which allow threat actors to engage in peer-to-peer transactions without disclosing their identities to each other. The fact that these platforms are decentralized, along with the fact that cryptocurrency payments are used in conjunction with them, adds more layers of protection for cybercriminals, making it even more difficult for authorities to take enforcement action against them. Astaroth continue to be embraced by cybercriminal communities and is lowering the barrier to entry for less-experienced attackers, which in turn is promoting phishing-as-a-service (PhaaS) models which are becoming more prevalent as a consequence. 

Due to the complexities posed by sophisticated phishing kits like Astaroth, security professionals emphasize the need for proactive security measures, which include real-time threat intelligence, endpoint detection, and multi-layered authentication strategies, as well as real-time threat intelligence. Aside from offering custom hosting solutions, Astaroth also offers bulletproof hosting, which will make Astaroth more resilient against legal authorities’ efforts to take down its websites. 

Cybercriminals are able to conduct attacks with minimal disruption in jurisdictions with weak regulatory oversight when using the phishing kit since it operates in jurisdictions that lack regulatory oversight. As a Field CTO of SlashNext, J Stephen Kowski believes that the emergence of Astaroth with regards to authentication is one of the most important implication that could be borne out by the fact that even the most robust authentication systems can be compromised if the attackers obtain the two-factor authentication (2FA) codes and session information during the authentication process in real time. 

Thomas Richards, Principal Consultant and Network and Red Team Practice Director at Black Duck, a Burlington, Massachusetts-based provider of application security solutions, has emphasized the sophistication and severity of the Astaroth phishing kit. According to Richards, this phishing kit demonstrates an advanced level of complexity, making it increasingly difficult for users to identify and avoid such attacks. "Traditional security awareness training often instructs users to recognize phishing attempts by looking for red flags such as suspicious URLs, grammatical errors, or lack of SSL certification. 

However, Astaroth’s highly sophisticated approach significantly reduces these indicators, making detection far more challenging," Richards stated. Furthermore, the infrastructure supporting these attacks is often hosted by providers that do not cooperate with law enforcement agencies, complicating efforts to dismantle these operations. In response to this growing threat, the United States and several European nations have imposed sanctions on countries that provide bulletproof hosting services, which are frequently exploited by cybercriminals to evade legal action. 

Richards advises users to exercise extreme caution when receiving emails that appear to originate from legitimate organizations and contain urgent requests for immediate action. Rather than clicking on embedded links, users should manually navigate to the official website to verify the authenticity of any alerts or account-related issues. This proactive approach is essential in mitigating the risks posed by advanced phishing campaigns like Astaroth. 

Organizations must implement advanced security measures beyond traditional login protections in order to protect themselves from these threats. According to Thomas Richards, a Principal Consultant and Network and Red Team Practice Director for Black Duck, a Burlington-based company that provides applications security solutions, Astaroth's phishing kit is sophisticated and quite severe. As Richards points out, this phishing kit shows a remarkable degree of complexity, which makes it increasingly difficult for users to identify and avoid attacks such as these as they run across them. 

It has always been taught to users during traditional security awareness training to look for red flags, such as suspicious URLs, grammatical errors, or a lack of SSL certification, so they can identify phishing attempts. Although these indicators are largely reduced by Astaroth's highly sophisticated approach, Richards noted that the detection of them is much more challenging as a result. The infrastructure that supports these malicious attacks is typically hosted by providers who do not cooperate with law enforcement agencies, which complicates the process of dismantling these attacks.

Several European countries and the United States have increased sanctions in response to its growing threat, increasing the chance that these countries (including the United States) will use defenseless host hosting services, which are regularly exploited by cybercriminals to avoid legal action and avoid repercussions for their crimes. 

The American scientist Richards urges users to exercise extreme caution if they receive an email that appears to be coming from a legitimate organization and contains urgent requests for action that need to be taken immediately. As a precaution, users should not click on embedded links in emails, but instead should visit the official site to verify the authenticity of any alerts they receive or account-related issues. Taking a proactive approach effectively mitigates the threats posed by advanced phishing campaigns such as Astaroth.
Read more »
phishing
Cyber Security Email Scams FBI Gmail Outlook phishing

How to Protect Yourself from Email Scams: FBI’s Top Tips for Staying Safe

 



While phishing scams are on the rise over the holiday period, the FBI has reminded Gmail, Outlook, Apple Mail, and other services users to be more alert. More phishing schemes are becoming common as criminals use the festive season rush as an opportunity to target more people. Here is how the FBI has warned its citizens against phishing attacks:.

It has generally entailed scamming emails that request the stealing of personal information or even money. Scammers try to deceive a victim with deals they will promise; discounted products, gift cards, or exclusive offers, amongst others. These appear quite legitimate, mimicking familiar brands with realistic logos and designs. With AI tools, it is now more possible for cybercriminals to generate messages that are shiny and polished yet professional-looking, targeting the most vigilant users in their deception.

Three Things to Check in Every Email

To counter these scams, the FBI points out three important checks:  

1. Check the Sender's Email Address: Look closely at the sender's email address. Scammers often use addresses that mimic real ones but with minor changes, like replacing a letter or adding extra characters.

2. Inspect Links Before Clicking: Hover over any link in the email to see where it leads. If the URL looks suspicious or doesn’t match the claimed source, avoid clicking it.  

3. Look for Errors: Scammers sometimes make spelling or grammatical mistakes in emails and URLs. These errors can signal that an email is fake.  

Additional Safety Tips  

The FBI also advises:

  • Avoid disclosing passwords and any form of financial information to any email. No business firm will ask for this type of information through email. 
  • Don't open attachments or click on links coming from unknown senders.  
  • Set up two-factor authentication (2FA) on your accounts for extra protection.
  • Share as little personal information on social media as possible, to make it harder for fraudsters to guess your passwords.

AI In the Wake Of Scams

The more advanced AI technology makes the scammers create the most realistic phishing schemes. This way, they can use artificial intelligence to design fake emails, replicate the look of an official email, or extract confidential information from documents or images. All this puts a bigger burden on users when trying to spot scams.

What Can You Do?

Tech companies, such as Google, have been increasing their efforts to secure users. For example, the majority of phishing attempts in Gmail are blocked, and the service provides direction to help users identify scams. Google instructs users to slow down before acting on an email by verifying its claims independently and reporting anything suspicious.

This has proven true for phishing attacks, and growing sophistication is only outpaced by awareness. Take some time and understand emails before rushing to execute a 

response to urgent messages. As a result, your sensitive information is safe and can therefore have a secure online experience. 




Read more »
Rhadamanthys malware
Check Point Cyber Attacks data security Gmail Gmail Hack Gmail-Accounts Personal Data Phishing scam Rhadamanthys malware

Gmail Alert: Massive Phishing Campaign Spreads Rhadamanthys Malware

 

Cybersecurity experts have issued a new warning about a large-scale phishing attack targeting Gmail users worldwide. Researchers at Check Point have uncovered the threat, which uses fake Gmail accounts to send emails impersonating well-known companies. These fraudulent messages claim recipients have violated copyright laws on their social media accounts, urging them to take immediate action. 

The goal of these emails is to trick victims into downloading attachments laced with the Rhadamanthys Stealer malware. Once installed, this malware infiltrates systems to steal sensitive personal data. The attackers’ strategy is both sophisticated and alarming. They create convincing fake Gmail accounts and customize emails to appear as if they are from legitimate organizations. Victims are informed of supposed copyright violations and pressured to resolve the issue by downloading attached files. 

However, clicking on these files triggers the malware’s installation, granting hackers access to a victim’s computer. The malware operates silently, collecting private information such as login credentials and other sensitive data without the user’s knowledge. The phishing campaign has already reached a global audience, targeting users in Europe, Asia, and the United States. Check Point highlights the staggering scale of the operation, noting that nearly 70% of the impersonated companies belong to the entertainment, media, technology, and software industries. This wide range of targets makes the attack more challenging to detect and stop. 

The campaign leverages people’s trust in established companies and creates urgency, making victims more likely to fall for the scam. One of the most concerning aspects of the attack is the advanced capabilities of the Rhadamanthys Stealer malware. This sophisticated program is specifically designed to evade detection by traditional security measures. Once installed, it can extract a variety of data from the infected system, including passwords, financial information, and personal files. The malware’s ability to operate covertly increases the risk for users who are unaware that their devices have been compromised. 

Experts stress the importance of vigilance in protecting against this type of phishing attack. Email users should carefully verify the sender’s identity and be cautious of messages that create a sense of urgency or demand immediate action. Legitimate organizations rarely use generic Gmail accounts to contact users, and they typically do not send unsolicited attachments or links. Users should also avoid downloading files or clicking on links from unknown sources, as these actions can initiate malware installation. 

Keeping antivirus software up to date is another critical step in preventing infections. Modern security programs are designed to detect and block malicious files like those associated with Rhadamanthys Stealer. Additionally, users are encouraged to report any suspicious emails to their email providers, which can help prevent further spread of such attacks. By staying informed and adopting safe online practices, individuals can reduce their vulnerability to these increasingly sophisticated phishing campaigns.
Read more »
Technology Updates
Accounts Cybercrime. Cybercriminal. Cyberthreats Cyberhackers Gmail Privacy Technology Updates

Gmail Under Attack: Secure a Backup Account

 


Having access to a Gmail account in the present world is rather dangerous because hackers create new ways of penetrating the account, even if it at times employs a 2FA security feature. While methods like passkey sign-ins and secure browsing have been adopted by Google, risks like session cookie theft remain a reality. Google Chrome users may encounter a pop-up alert stating, “Your password was exposed in a non-Google data breach” in their web browser. This alert notifies users of recent security breaches that may have compromised their account passwords. 

With 2.5 billion active users, Gmail is a prominent target for hackers aiming to compromise accounts and access sensitive information. Reports of sophisticated cyberattacks, including session cookie theft and two-factor authentication (2FA) bypassing, are rising. To safeguard email security, users are advised to consider proactive measures, such as setting up a secondary Gmail account, as waiting to act may increase vulnerability to 2FA-bypass attacks. For many, the risk of account compromise is a growing concern, as hackers employ session cookie-stealing tactics to bypass even the most robust 2FA protections. 

Cybercrime agencies strongly encourage enabling 2FA, yet cybercriminals continue to evolve methods for evading these safeguards. Google has made significant strides in enhancing security through features like secure pass-key sign-in across devices and safe browsing protections for Chrome users. The problem remains that attackers are now leveraging sophisticated tools to penetrate even Google's advanced encryption measures taken to prevent cookie theft, despite Google's efforts to protect its users. 

Even though a secondary Gmail account should not be used directly as a preventative measure against 2FA bypass attacks, it can still serve as a valuable backup in the event of a breach of users' primary Gmail accounts. There have been numerous discussions about this approach among users, such as those on the Gmail subreddit, where some users have shared their experiences of their accounts being compromised despite having 2FA enabled on their accounts. Creating a new Gmail account does not guarantee immunity from attacks, but it is one of the best ways to secure and protect any emails which are important and often irreplaceable. 

For this new account, it is suggested that users use different methods to ensure the maximum level of security. Set up 2FA, as an example, using a standalone authentication app instead of sending an SMS to the same phone number on which 2FA will be activated. As much as possible, link a user's new account to a different device or unique information if possible. Initially, users will have to set up a Gmail account that will allow them to forward their emails to this new account once they are all set up, but once this is done they will automatically receive a copy of their emails sent through their main Gmail account. 

Using this approach, they will be able to access their emails even if anything should happen to their primary email account. As an extra layer of security, consider signing up for Google's Advanced Protection Program to ensure that users' accounts are more secure, adding multiple security layers that make it more difficult for anyone to access the accounts without permission. In the case that a hacker does manage to gain access to a customer's primary Gmail account, having a backup account means that they will have to hack an account separately in case of a breach.

In the unlikely event that something untoward happens, it's a comforting safety net to fall back on. As there are no fees associated with setting up a second Google account, users could set up a second one using Gmail, a free web-based email account. For added security, users should take the following steps: first, sign out from any existing Google accounts, then go to the Google Account sign-in page and click on “Create Account” for added security.

To ensure maximum security, users should consider using a different device for the primary account, so that it will not be compromised if a single point of failure is found. Furthermore, it would be beneficial to choose a second-factor code generator rather than 2FA via SMS, such as an authentication app, which uses a unique code generator to generate users' second-factor code, thereby enhancing the security of their account. 

In conclusion, one of the best ways to further isolate a new account from potentially compromised accounts is to use varied personal information when establishing it. There is no dearth of web-based email platforms, but with Google's free web-based Gmail service, it is incredibly easy to set up separate accounts for each user. It is common for users to lose count of how many different apps they have on their phones, even though they only use two or three of them regularly. 

To ensure that this new account is as secure as possible and less likely to be compromised by a threat actor who succeeded in attacking the original account, either use a password tied to an entirely separate device or use two-factor authentication where users use a standalone app to generate the 2FA code rather than text messaging to the same number they used before. Users should try and fill in as much information as possible when setting up a new account to avoid making it less unique. Once the secondary email account has been established, the next step involves setting up a forwarding rule within the original Gmail account. 

By doing this, users can ensure that a copy of each email is automatically sent to the secondary account, providing a reliable backup in case the primary account is ever compromised. Implementing this backup method is a proactive way to safeguard important information against unexpected events. Although having email forwarding in place adds an extra layer of security, it’s important to note that, even if a malicious actor gains access to the original account, the secondary account remains secure as a standalone entity. Since the two accounts are independent of each other, each would need to be compromised separately for a complete breach to occur. This setup minimizes risks and provides an effective, manageable backup. 

In an era of increasingly sophisticated digital threats, proactively securing Gmail accounts has become a crucial task for individuals and organizations alike. Setting up a secondary account with distinct, robust security measures enhances protection and acts as a safeguard for sensitive data. Users who adopt additional defences—such as two-factor authentication (2FA) and other advanced security practices—are in a far better position to counteract potential cyberattacks. Today’s threat landscape demands a strategic approach to email security, where even the most secure accounts can face risks. Through these proactive steps, individuals create a resilient backup framework, ensuring their data remains accessible and protected regardless of evolving threats.
Read more »
Tycoon
Gmail malware MFA Bypass Microsoft 365 multifactor authentication phishing kit Safety Security Tycoon

'Tycoon' Malware Kit Bypasses Microsoft and Google Multifactor Authentication

 

An emerging phishing kit called "Tycoon 2FA" is gaining widespread use among threat actors, who are employing it to target Microsoft 365 and Gmail email accounts. This kit, discovered by researchers at Sekoia, has been active since at least August and received updates as recent as last month to enhance its evasion techniques against multifactor authentication (MFA).

According to the researchers, Tycoon 2FA is extensively utilized in various phishing campaigns, primarily aimed at harvesting Microsoft 365 session cookies to bypass MFA processes during subsequent logins. The platform has amassed over 1,100 domain names between October 2023 and late February, with distribution facilitated through Telegram channels under different handles such as Tycoon Group, SaaadFridi, and Mr_XaaD.

Operating as a phishing-as-a-service (PhaaS) platform, Tycoon 2FA offers ready-made phishing pages for Microsoft 365 and Gmail accounts, along with attachment templates, starting at $120 for 10 days, with prices varying based on the domain extension. Transactions are conducted via Bitcoin wallets managed by the "Saad Tycoon Group," suspected to be the operator and developer of Tycoon 2FA, with over 1,800 recorded transactions as of mid-March.

The phishing technique employed by Tycoon 2FA involves an adversary-in-the-middle (AitM) approach, utilizing a reverse proxy server to host phishing webpages. This method intercepts user inputs, including MFA tokens, allowing attackers to bypass MFA even if credentials are changed between sessions.

Despite the security enhancements provided by MFA, sophisticated attacks like Tycoon 2FA pose significant threats by exploiting AitM techniques. The ease of use and relatively low cost of Tycoon 2FA make it appealing to threat actors, further compounded by its stealth capabilities that evade detection by security products.

Sekoia researchers outlined a six-stage process used by Tycoon 2FA to execute phishing attacks, including URL redirections, Cloudflare Turnstile challenges, JavaScript execution, and the presentation of fake authentication pages to victims.

The emergence of Tycoon 2FA underscores the evolving landscape of phishing attacks, challenging the effectiveness of traditional MFA methods. However, security experts suggest that certain forms of MFA, such as security keys implementing WebAuthn/FIDO2 standards, offer higher resistance against phishing attempts.

To assist organizations in identifying Tycoon 2FA activities, Sekoia has published a list of indicators of compromise (IoCs) on GitHub, including URLs associated with Tycoon 2FA phishing campaigns.
Read more »
Hacking
2-Step Verification Account security Action Fraud Cyber Crime Facebook Gmail Hacking

Gmail and Facebook Users Advised to Secure Their Accounts Immediately

 



In a recent report by Action Fraud, it has been disclosed that millions of Gmail and Facebook users are at risk of cyberattacks, with Brits losing a staggering £1.3 million to hackers. The data reveals that a concerning 22,530 individuals fell victim to account breaches in the past year alone.

According to Pauline Smith, Head of Action Fraud, the ubiquity of social media and email accounts makes everyone susceptible to fraudulent activities and cyberattacks. As technology advances, detecting fraud becomes increasingly challenging, emphasising the critical need for enhanced security measures.

The report highlights three primary methods exploited by hackers to compromise accounts: on-platform chain hacking, leaked passwords, and phishing. On-platform chain hacking involves cybercriminals seizing control of one account to infiltrate others. Additionally, leaked passwords from data breaches pose a significant threat to account security.

To safeguard against such threats, Action Fraud recommends adopting robust security practices. Firstly, users are advised to create strong and unique passwords for each of their email and social media accounts. One effective method suggested is combining three random words that hold personal significance, balancing memorability with security.

Moreover, implementing 2-Step Verification (2SV) adds an extra layer of protection to accounts. With 2SV, users are prompted to provide additional verification, such as a code sent to their phone, when logging in from a new device or making significant changes to account settings. This additional step fortifies account security, mitigating the risk of unauthorised access even if passwords are compromised.

Recognizing the signs of phishing scams is also crucial in preventing account breaches. Users should remain vigilant for indicators such as spelling errors, urgent requests for information, and suspicious inquiries. By staying informed and cautious, individuals can reduce their vulnerability to cyber threats.

In response to the escalating concerns, tech giants like Google have implemented measures to enhance password security. Features such as password security alerts notify users of compromised, weak, or reused passwords, empowering them to take proactive steps to safeguard their accounts.

The prevalence of online account breaches demands users to stay on their tiptoes when it comes to online security. By adopting best practices such as creating strong passwords, enabling 2-Step Verification, and recognizing phishing attempts, users can safeguard their personal information and financial assets from malicious actors.



Read more »
User Privacy
2FA Data Breach Digital Age Gmail Google Google Apps Google Photos User Privacy

Safeguard Your Data: Google's Data Purge Approaches

Google just announced that the time is running out on a massive cleanup of defunct Gmail accounts and content from Google Photos, which is scheduled to start on December 1. Many consumers can be taken aback by this action, which is intended to manage and streamline user data. Take quick action to make sure your important data isn't lost in the cleanse.

The data purge involves Google identifying and deleting data from accounts that have been inactive for an extended period. This includes Gmail messages, attachments, and Google Photos content. The goal is to free up storage space and enhance overall system efficiency.

Several major news outlets, including Forbes, CBS News, Business Insider, and Yahoo News, have covered this impending data purge, emphasizing the urgency for users to safeguard their digital assets.

Google's initiative raises concerns for users who may have overlooked the significance of their inactive accounts. If you've been using Gmail or Google Photos but have not actively engaged with these services, now is the time to reassess and secure your data.

To prevent the loss of your digital memories and crucial information, follow these steps:
  • Access Your Accounts: Log in to your Gmail and Google Photos accounts to ensure they are active and accessible. This alone can exempt your data from the impending purge.
  • Review and Save Important Data: Take the opportunity to review your emails and photos. Save any crucial information or memorable moments to a secure location, such as an external hard drive or cloud storage.
  • Update Account Information: Confirm that your account recovery information, including your phone number and email address, is up to date. This ensures you can recover your account if needed.
  • Enable Two-Factor Authentication: Strengthen the security of your Google accounts by enabling two-factor authentication. This adds an extra layer of protection, making it harder for unauthorized individuals to access your data.
These preventative measures will help you get through Google's data purge without losing important information. We need to be aware of any developments that could affect our digital assets since we are depending more and more on digital platforms to store and share our memories and information. To secure your data before it's too late, take action right away.


Read more »
Youtune
Artificial Intelligence Brad Chatbot Cyberattacks CyberCrime Cybersecurity Documents Gmail Technology Youtune

Google's Chatbot Bard Aims for the Top, Targeting YouTube and Search Domains

 


There has been a lot of excitement surrounding Google's AI chatbot Bard - a competitor to OpenAI's ChatGPT, which is set to become "more widely available to the public in the coming weeks." However, at least one expert has pointed out that in its demo, Bard made a factual error. 

As a result of the AI competition between Google and OpenAI, the Microsoft-backed company that created ChatGPT and provides artificial intelligence services for its products, Google has now integrated its chatbot Bard into apps like YouTube, Gmail and Drive, according to a company announcement, published Tuesday. 

In New York, a Google executive said on Thursday at the Reuters NEXT conference that the company's experimental chatbot Bard represents a path to the development of another product that will reach two billion users. In an interview with TechCrunch, Google's Product Lead Jack Krawczyk commented that Bard has laid the foundation for Google to attract even more customers with the help of its artificial intelligence feature, which enables consumers to brainstorm and get information using new artificial intelligence. 

It is possible, for instance, to ask Bard to plan a trip for an upcoming date, complete with flight options and your choice of airline. Users could also ask the tool to summarize meeting notes that have been made in Google Drive documents that they have recently uploaded. Several improvements will be made to Bard this coming Tuesday, including connections to Google's other services. 

The chatbot is also capable of communicating with users in various languages, with the ability to perform a variety of fact-checking functions as well as a broader upgrade to the larger language model that is the foundation of the tool. Google's Bard has been improving its features for nearly six months after it was first introduced to the public, marking the biggest update to the program in that period. 

Among the tech giants, Google, Microsoft, and ChatGPT creator OpenAI are racing against one another, as they roll out increasingly sophisticated consumer-facing artificial intelligence technologies, and they hope to convince users of their value as more than just a gimmick to them.

It is now believed that Google, which recently issued an internal code red when OpenAI beat it to the release of its artificial intelligence chatbot, is using its other widely used software programs to make Bard more useful as a result of the code red. It’s relatively unknown that Bard has received the same amount of attention as ChatGPT. 

According to data from Similarweb, a company that analyzes data for companies, ChatGPT had nearly 1.5 billion desktop and mobile visits in August, substantially more than Google’s A.I. tool and other competitors, which had just 50 million visits. Bard recorded just under 200 million desktop and mobile internet visits throughout August, while ChatGPT by OpenAI also registered 200 million visits during the same period. 

In an interview, Jack Krawczyk, Google's product lead for Bard, stated that Google was aware of the limitations that had caused the chatbot to not appeal to as many people as it should have. Users had told Mr. Krawczyk that the product was neat and novel, but that it did not integrate very well with their personal lives. 

Earlier this month, Google released what it called Bard Extensions, which is an extension of the ChatGPT plug-in that OpenAI announced in March, which allows ChatGPT to work with updated information provided by third-party companies such as Expedia, Instacart, and OpenTable, their own web services and voice apps. 

As a result of the new updates, Google is going to be trying to replicate some of the search engine's capabilities by including Flights, Hotels, and Maps, so users can conduct travel and transportation research using Google's search engine. In addition, Bard may be closer to becoming a more personalized assistant for its users, where they can ask which emails they missed and which points in a document are of most importance to them. 

With the help of Google's large language model, an artificial intelligence algorithm trained on vast amounts of data, Bard had been able to assist students with writing drafts of essays or planning their friend's baby showers. 

As a result of these new extensions, Bard will now draw information from a host of Google services, as well. Now, Bard will be able to retrieve information from YouTube, Google Maps, Flights, and Hotels as well. According to Google, Bard can be accessed through several other services and ask the service for things like "Show me how to write a good man speech and show me YouTube videos about it for inspiration," or suggestions for travel, complete with driving directions, etc.

The Bard extensions can be disabled by the user at any moment by choosing to do so. It is also possible for users to link their Gmail, Docs and Google Drive accounts with Bard to the tool so that it will be able to help them analyze and manage their data. 

For instance, the tool might be able to help with queries such as: "Find the most recent lease agreement in my Drive and calculate how much my security deposit was," Google said in a statement. In a statement, the firm listed that the company will not use users' personal Google Workspace information to train Bard or to serve targeted advertising to users and that users can withdraw their permission at any time in case they do not want it to access their personal information. 

By giving Bard access to a wealth of personal information as well as popular services such as Gmail, Google Maps, and YouTube, Bard is, in theory, making itself even more helpful for its users and gaining their confidence as a result. Using Bard, Google posits that a person planning a group trip to the Grand Canyon may be able to get the dates that suit everyone, get flight and hotel options, provide directions based on Maps, and also take advantage of videos with a variety of useful information available on YouTube.
Read more »
Subscribe to: Posts (Atom)